At work in the 90s we gave tons of old Sparcstation 10s away. They rapidly replaced all IPX and IPS at the computer clubs around Sweden. One Volvo was destined for Luleå and was really weighted down with a trunk full of pizza boxes.
In the Nordics it's very rare. There were power outages this year that lasted for more than 24h for some customers. So naturally there was a public inquiry into how the power companies let that happen.
In Sweden it also almost never happens but this year there was a hurricane like storm that fell lots of trees and thousands of people had no power for days. But yeah it wasn’t because of snow.
This just isn’t true, at all - electricity is regularly out for hundreds or thousands of people in Sweden because of snow. This year was especially bad, where thousands were without any electricity for up to 10 or 12 days, but every year brings the same problems. Just google “elavbrott snö” and you’ll find many current examples - just as one instance:
I worked for a short time for an American company. They had periodic phishing test from Mitnick. The links in those emails was not to be clicked as it would trigger a mandatory training. The emails also had a header saying they were a phishing test, so I deleted all those emails in a filter.
The company also ran a mail filter called Baracuda or something similar that followed links in emails to see if they were malicious.
I was quite annoyed when I was called to do the mandatory training as "I" had clicked a link (on an email I hadn't seen) and more so when told I had no other recourse than to sit through it.
Did everyone get flagged then thanks to Barracuda? You’d think they’d realize there’s a problem if there’s a 100% fail rate.
Edit: also, to be fair, you basically told them you had opted out of the test, so it’s not completely ridiculous for them to ask you to do the training instead.
to be fair someone started using computers and has x worthelss security certificates but yes he will teach me how to use computer/Internet...okidoki... I just move to trash all their tests as it's just spam.
The test is whether you can successfully identify phishing attempts bu approximating what they look like in the wild. Bypassing the test entirely means there's no data on whether you're susceptible to this, and just because someone knows there's a header and how to bypass something doesn't mean they aren't also the kind of person to be distracted and click on stuff they shouldn't.
This method of test passing wasn't okay when Volkswagen did it, and it's not appropriate for employees at a company that asks them to take the test, for the exact same reason.
Sure you are being clever, but (and I don't know the state of art science wrt effectivity of these fake phishing emails), you are defying a measure that was taken by management to try to make the company safer. Sure it may feel, and even be, a waste of time. But you are also putting yourself above the rules in a way. Your assumption is that these programs will actually NOT make the company safer, with 100% certainty. Because even of it makes the company 1% safer, it is management's responsibility to go ahead with these measures or not.
I don't know what to think of how you acted, as much as I hate most mandatory course, at least some if my knowledge comes from them. Obviously the company pays you normally while you take the course. And somewhere I feel that "work is work".
Of course, in this case, you have shown the system to be erroneous, while showing yourself to feel superior. Difficult... As manager I'd like you to seek a conversation with me.
Edit: Of course, you are 100% free to leave this company, are you 100% free to cheat on cyber security measures? I don't think I agree with you there.
> you are defying a measure that was taken by management to try to make the company safer.
> are you 100% free to cheat on cyber security measures?
Why do you think that implementing an email filter like that is "defying a measure" or "cheating"? What value do you think there would be in individually, manually, reviewing each such email, if you've already identified the pattern they all follow and their purpose? You're essentially arguing for wilful inefficiency, which is "cheating" the organization out of useful labor.
The other reply to you may have been less than perfectly polite, but they certainly had a point.
Are you being willfully obtuse? Suppose that management wanted to see if you could visually identify faulty parts on an assembly line - wrong finish, dirty, etc - , and that all deliberately faulty test parts had a red sticker on the bottom. If you just flipped every part over until you found red stickers would you be equally annoying refusing to identify why what you did you as wrong and stupid? The goal wasn't reading email headers.
Come on, certainly the "spirit" of the "training" is to learn to disseminate phishing emails from real ones using subtle ques. Not to learn how to write an email filter.
Nowhere am I saying that I agree with the chosen methods, especially not the part that sounds like punishment. But there are better ways to deal with the disagreement than suggested here.
Hmm, never been there, but it never feels good to be lumped in with some group (especially when they have lunatics in the name) instead of receiving feedback that may point at errors in judgement.
I'm generally considered knowledgeable and I'm just thinking from the perspective of owning a company and employees taking these actions instead of coming to talk to me, showing evidence of my poor management decisions.
This whole text reeks of a employee vs employer situation, which is never good (you're in it together), so probably it is good that the person left the company, for both parties.
Perhaps I'm naive, or not American enough, US work culture seems harsh to me sometimes, especially wrt work ethic and hierarchy.
I'm off now to find what PMC is, thank you.
Edit: Looked around for sometime, no idea still what PMC is.
Thanx, I don't consider myself PMC, but, I guess that's the internet of today, slap a label onto anyone and anything based on ~160 chars.
I guess lyu07282 is what I have taken to calling a "Judger". Always labeling, always judging, always seeking the moral high-ground, never realizing the lack of nuance that must exist in short texts. Never thinking "what if this was meant in a kind way." Oh, and I see the irony, it is intentional (feels bad right?).
I think it's what tearing the US apart at this very moment. Always Us against Them. Most people are kind you know. I really thought I did my best to add nuance.
Those knowb4me or whatever supposed security lessons are terrible. In our case the emails included links to external domains (to knowb4) that you were actually required to click, as in really not as a test to see who did it. And you presume to teach me Fing security...
Ughhh yeah, KnowBe4. Real crap service with emails so obviously bait that a security worker would try them just to see what happens.
The cool thing though is when people post the link on Yammer asking if it's safe, then you can screw them by clicking on it and they have to do the course hehehh
Called "generatorgas" or "gengas" for short in Sweden. Almost all cars in pictures from the early forties had a little cart behind them. That was the generator.
